darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- suppressing chrome decrypt credentials error

Browse Source
This commit is contained in:
makikvues 2021-02-13 17:33:15 +01:00
parent 1ceb041ee5
commit 6a99882f85
2 changed files with 30 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/BrowserBase.cs
View File

@ -16,7 +16,7 @@ namespace winPEAS.KnownFileCreds.Browsers
{ {
Beaprint.MainPrint($"Showing saved credentials for {Name}"); Beaprint.MainPrint($"Showing saved credentials for {Name}");
var credentials = GetSavedCredentials().ToList(); var credentials = (GetSavedCredentials() ?? new List<CredentialModel>()).ToList();
if (credentials.Count == 0) if (credentials.Count == 0)
{ {

52
winPEAS/winPEASexe/winPEAS/KnownFileCreds/Browsers/ChromiumBase.cs
View File

@ -17,40 +17,46 @@ namespace winPEAS.KnownFileCreds.Browsers
public override IEnumerable<CredentialModel> GetSavedCredentials() public override IEnumerable<CredentialModel> GetSavedCredentials()
{ {
var result = new List<CredentialModel>(); var result = new List<CredentialModel>();
var p = Path.Combine(BaseAppDataPath, "Login Data"); var p = Path.Combine(BaseAppDataPath, "Login Data");
var keyPath = Path.Combine(BaseAppDataPath, "..\\Local State"); var keyPath = Path.Combine(BaseAppDataPath, "..\\Local State");
if (File.Exists(p)) try
{ {
SQLiteDatabase database = new SQLiteDatabase(p); if (File.Exists(p))
string query = "SELECT action_url, username_value, password_value FROM logins";
DataTable resultantQuery = database.ExecuteQuery(query);
if (resultantQuery.Rows.Count > 0)
{ {
var key = GCDecryptor.GetKey(keyPath); SQLiteDatabase database = new SQLiteDatabase(p);
string query = "SELECT action_url, username_value, password_value FROM logins";
DataTable resultantQuery = database.ExecuteQuery(query);
foreach (DataRow row in resultantQuery.Rows) if (resultantQuery.Rows.Count > 0)
{ {
byte[] encryptedData = Convert.FromBase64String((string)row["password_value"]); var key = GCDecryptor.GetKey(keyPath);
GCDecryptor.Prepare(encryptedData, out var nonce, out var cipherTextTag);
var pass = GCDecryptor.Decrypt(cipherTextTag, key, nonce);
string actionUrl = row["action_url"] is System.DBNull ? string.Empty : (string)row["action_url"]; foreach (DataRow row in resultantQuery.Rows)
string usernameValue = row["username_value"] is System.DBNull ? string.Empty : (string)row["username_value"];
result.Add(new CredentialModel
{ {
Url = actionUrl, byte[] encryptedData = Convert.FromBase64String((string)row["password_value"]);
Username = usernameValue, GCDecryptor.Prepare(encryptedData, out var nonce, out var cipherTextTag);
Password = pass var pass = GCDecryptor.Decrypt(cipherTextTag, key, nonce);
});
}
database.CloseDatabase(); string actionUrl = row["action_url"] is System.DBNull ? string.Empty : (string)row["action_url"];
string usernameValue = row["username_value"] is System.DBNull ? string.Empty : (string)row["username_value"];
result.Add(new CredentialModel
{
Url = actionUrl,
Username = usernameValue,
Password = pass
});
}
database.CloseDatabase();
}
} }
} }
catch (Exception e)
{
return null;
}
return result; return result;
} }